I know many have asked how to protect the console menu system. This is how I succeeded in this.
In the /etc directory, I copied rc.initial to rc.initial.menu
I then modified rc.initial script to something similar to this:
###rc.initial
# display a cheap menu
echo
echo
echo "PacketMan Traffic Shaper"
echo "************************"
echo "1) About"
echo "2) Maintenance"
echo
read -p "Enter a number: " opmode
# see what the user has chosen
case ${opmode} in
1)
/etc/rc.initial.about # This is if you wanted to create an about screen
;;
2)
/etc/rc.initial.lock # This will call the access script
;;
911)
/etc/rc.initial.menu # I added this backdoor, in case password was lost. May want to
prompt for unique password, such as a serial.
;;
###Then create a rc.initial.lock file and add the following:
#!/usr/local/bin/php -f
<?php
/* parse the configuration and include all functions used below */
require_once("config.inc");
require_once("functions.inc");
$fp = fopen('php://stdin', 'r');
echo <<<EOD
Password is required to access the Maintenance Menu.
Please enter password:
EOD;
$passwdxml = $config['system']['password'];
if (crypt(chop(fgets($fp)), $passwdxml) == $passwdxml) { # Crypt the user input, and compare to
system password
echo <<<EOD
Access Granted!
EOD;
system_menu_access(); # This calls the rc.initial.menu file, and will need to be
added to the system.inc in /etc/inc/
}
?>
###Now edit rc.initial.menu and add a exit option
#rc.initial.menu
#add an echo option
echo "7) Return to Main Menu"
###Then add the command to execute to return to opening menu
7)
/etc/rc.initial
;;
###Now to edit /etc/inc/system.inc
Add the following line toward the middle of the file:
function system_menu_access() {
global $g;
mwexec("/etc/rc.initial.menu");
}
###This should be a simple fix, although there are other (most likely simpler) ways to do this.
Check your file permissions, chmod 755
If any one knows of a good way to hide the user input in the lock script, please let me know.
Thanks,
Junior
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.806 / Virus Database: 548 - Release Date: 12/5/2004